aboutsummaryrefslogtreecommitdiffstats
path: root/wintun.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Accept WoW64 clientsSimon Rozman2020-10-301-10/+47
| | | | Signed-off-by: Simon Rozman <simon@rozman.si>
* Use standard volatile semanticsShawn Hoffman2020-10-301-38/+38
| | | | | | | | Make all archs are use the standardized concept of volatile. This patch will cause the most changes to arm64 codegen. Signed-off-by: Shawn Hoffman <godisgovernment@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Fix potential TunDispatchSecurityDescriptor leakJason A. Donenfeld2020-10-301-0/+3
| | | | | | | | TunDispatchSecurityDescriptor will leak if RtlAbsoluteToSelfRelativeSD fails. Add cleanup in error path. Reported-by: Shawn Hoffman <godisgovernment@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Use RtlSubAuthoritySid instead of directly poking SIDShawn Hoffman2020-10-301-1/+1
| | | | | Signed-off-by: Shawn Hoffman <godisgovernment@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Invert skipPacket condition so code matchesJason A. Donenfeld2019-12-101-2/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Increment discarded packets properlyJason A. Donenfeld2019-12-101-3/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Process send NBLs in batchesSimon Rozman2019-12-101-59/+63
| | | | | | | | | | | When using packet forwarding on Windows computer, adjacent NBLs may represent packet fragments. Those NBLs must not be completed separately, but in a single NdisMSendNetBufferListsComplete() call. This fixes a bugcheck on Windows Server with RRAS role and IP forwarding packets to Wintun adapter. Signed-off-by: Simon Rozman <simon@rozman.si>
* Remove excessive ASSERTSimon Rozman2019-12-101-2/+0
| | | | Signed-off-by: Simon Rozman <simon@rozman.si>
* Ensure that buffers are unmapped on process exit and adapter deletionJason A. Donenfeld2019-10-061-13/+84
| | | | | | | | | | | | Before duplicating a handle elsewhere and closing the original process would result in disaster. Also, it turns out that TunHaltEx can be called before the handles are all closed, so we need to unregister prior to freeing the ctx, lest disaster occurs. Finally, now that we have a few different things happening with registration and deregistration, we serialize all accesses with an eresource, a bit heavy-weight but sufficient. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Use performance counter for less spinningJason A. Donenfeld2019-08-041-5/+5
| | | | | | | | | | | | Previously we had to spin for a minimum of 15ms because the tick interval is 156250 on NT. On linux, usually trips to the high performance timers are discouraged because if they don't hit the RDTSC path (due to being unstable or the like), they hit more expensive hardware. I assume that's probably the same on NT, but all of tcpip.sys and ndis.sys uses the performance counters too, so what are we going to do? Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Spin less and more efficientlyJason A. Donenfeld2019-08-041-5/+4
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Cleanup NBL reference countingSimon Rozman2019-08-021-39/+25
| | | | | | | | | The Empty event state is now set according to Ctx->Device.Receive.ActiveNbls.Head != NULL. But, we still have to clear the Empty event inside the TransitionLock to prevent race with TunPause(). Signed-off-by: Simon Rozman <simon@rozman.si>
* Skip packet on NBL allocation failure properlySimon Rozman2019-08-021-0/+2
| | | | | | | | Should NBL allocation persist to fail, the receive ring could eventually fill up as there will be no TunReturnNetBufferLists() calls to advance its head. Signed-off-by: Simon Rozman <simon@rozman.si>
* Use reference counter and KEVENT instead of remove locksSimon Rozman2019-08-021-12/+9
| | | | | | Driver verifier doesn't like re-initializing remove locks. Signed-off-by: Simon Rozman <simon@rozman.si>
* Rearrange comment to make clang-format happyJason A. Donenfeld2019-08-021-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Disable APC when taking rwlockJason A. Donenfeld2019-08-021-0/+6
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Resolve SDV reported "defect"Simon Rozman2019-08-021-0/+2
| | | | | | | | | NdisMGetDeviceProperty() should always return non-NULL FunctionalDeviceObject according to _Outptr_opt_. An explicit FunctionalDeviceObject NULL check has been added to keep the SDV happy and not calling our driver "defective". Signed-off-by: Simon Rozman <simon@rozman.si>
* Separate out atomic helpersJason A. Donenfeld2019-08-021-61/+9
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Rewrite installer logic in CJason A. Donenfeld2019-08-021-3/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Use explicit running boolean and use set instead of exchangeJason A. Donenfeld2019-07-311-24/+31
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Assert that adapter is always running when client is registering ringsSimon Rozman2019-07-311-0/+2
| | | | | | | | | By attaching to NDIS device instead of creating our own device for I/O, the adapter is always running before client is able to connect and register rings. NDIS also won't allow adapter to pause with connected clients. Signed-off-by: Simon Rozman <simon@rozman.si>
* Cleanup TUN_FLAGS_PRESENTSimon Rozman2019-07-311-8/+2
| | | | | | | | | | With no PnP notifications and custom surprise removal code we do not need the TUN_FLAGS_PRESENT any more. The traffic is stopped when handle is closed or adapter is somehow paused. Though by reusing the NDIS device for our I/O, the adapter will not be able to pause with a client connected. Signed-off-by: Simon Rozman <simon@rozman.si>
* Add handle closing ioctlJason A. Donenfeld2019-07-311-8/+81
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Reinitialize active NBL remove lock to allow adapter reuseSimon Rozman2019-07-311-1/+3
| | | | | | | | | | | | | | Before the TunProcessReceiveData() thread terminates or adapter is paused, we wait for all receive NBLs to be returned. Unfortunately, IoReleaseRemoveLockAndWait() leaves the remove lock in non reusable state. To be able to start receiving packets on existing adapter again, we (re)initialize the remove lock on ring registration or adapter resume. The former addresses TunProcessReceiveData()'s IoReleaseRemoveLockAndWait() call, the later addresses the TunPause()'s. Signed-off-by: Simon Rozman <simon@rozman.si>
* Compile on 32-bit and arm64Jason A. Donenfeld2019-07-191-6/+8
| | | | | | No popcnt intrinsic on arm, no PopulationCount64 function on 32bit. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Use more specific IOCTL codeJason A. Donenfeld2019-07-191-2/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Require the usual SDDL_DEVOBJ_SYS_ALL permissionsJason A. Donenfeld2019-07-181-36/+96
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Make receiving NBLs asynchronousSimon Rozman2019-07-181-26/+105
| | | | | | | This commit moves NBL post-processing (moving ring head, releasing NBL) to MINIPORT_RETURN_NET_BUFFER_LISTS handler. Signed-off-by: Simon Rozman <simon@rozman.si>
* Minimize TransitionLock when receiving packetsSimon Rozman2019-07-181-13/+11
| | | | | | | We do not need to share-lock the TransitionLock for the whole life of receiver thread. Signed-off-by: Simon Rozman <simon@rozman.si>
* Fix insane coding styleJason A. Donenfeld2019-07-181-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Fix awkward comment styleJason A. Donenfeld2019-07-181-3/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Do not hijack PNP notifierJason A. Donenfeld2019-07-181-35/+1
| | | | | | We no longer pend send-side NBLs, so we don't have a real use for this. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Switch to paged dispatch handlersJason A. Donenfeld2019-07-181-4/+7
| | | | | | We're not totally sure this is kosher, unfortunately. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Minimize TransitionLock when sending packetsSimon Rozman2019-07-181-7/+9
| | | | | | | | | | | | | We do not need to share-lock the TransitionLock for complete NBL chain. This commit should improve better state transition response, thou until NDIS is sending a single NBL per MINIPORT_SEND_NET_BUFFER_LISTS call, this should not have a considerable effect. Since the skibNbl: call of NdisMSendNetBufferListsComplete() is made inside the TransactionLock at dispatch IRQL, a dispatch IRQL hint was added to the NdisMSendNetBufferListsComplete() call. Signed-off-by: Simon Rozman <simon@rozman.si>
* Piggy-back on top of NDIS' device object instead of adding our ownJason A. Donenfeld2019-07-181-279/+83
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Replace TUN_FLAGS_CONNECTED by an eventSimon Rozman2019-07-171-18/+18
| | | | | | | | | | On client closing the handle there is a potential race if somebody resets the TailMoved event of receive ring at the right time. Rather than rely on TailMoved event, we introduce our own Disconnected notification event and have the receive thread wait on both. The Disconnected event is also usable as TUN_FLAGS_CONNECTED substitute. Signed-off-by: Simon Rozman <simon@rozman.si>
* Improve lock retention when sendingSimon Rozman2019-07-171-44/+123
| | | | | | | | | | | | | NDIS may call MINIPORT_SEND_NET_BUFFER_LISTS from parallel threads to queue as many packets as fast as possible. Initial implementation of ring buffers used a spin lock to completely serialize sending packets making it sub-optimal and burning large amount of CPU. This commit uses locked section to allocate space for packet(s) in the ring. It copies the packets unlocked, then it locks again to adjust the ring tail. Signed-off-by: Simon Rozman <simon@rozman.si>
* Spin for a bit before falling back to event objectJason A. Donenfeld2019-07-171-8/+31
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Switch to ring buffers for exchanging packetsSimon Rozman2019-07-161-814/+399
| | | | | | | This demonstrates the use of ring buffers in its simplest, purest form. No performance optimizations were made. Signed-off-by: Simon Rozman <simon@rozman.si>
* Rename remaining status -> Status and ctx -> CtxSimon Rozman2019-07-081-19/+19
| | | | Signed-off-by: Simon Rozman <simon@rozman.si>
* Remove TunMapIrpJason A. Donenfeld2019-07-051-28/+8
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Simplify ActiveNblCount decrementJason A. Donenfeld2019-07-051-12/+7
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Rename NBL -> NblOdd Stranne2019-07-051-34/+34
| | | | Signed-off-by: Odd Stranne <odd@mullvad.net>
* Rename labels to be more consistentOdd Stranne2019-07-051-49/+48
| | | | Signed-off-by: Odd Stranne <odd@mullvad.net>
* Make error branching more compactOdd Stranne2019-07-051-41/+29
| | | | Signed-off-by: Odd Stranne <odd@mullvad.net>
* Treat ReferenceCount as an atomicJason A. Donenfeld2019-07-051-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Cleanup atomic gettersJason A. Donenfeld2019-07-051-20/+39
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Return with proper error status for bad addressJason A. Donenfeld2019-07-051-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Do not take extra ActiveNBL when holding TransitionLockJason A. Donenfeld2019-07-051-5/+1
| | | | | | | The transition lock ensures that TunPause won't drop its last reference until the shared transition lock is dropped. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Do not complete pause if we're not runningJason A. Donenfeld2019-07-051-43/+17
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.